DETAILED ACTION

1. Claims 1-6, 8-16, 19, 21, 23, 24, and 26 are pending in this action.



2. Applicant's arguments, filed March 7, 2006, have been considered and are 
persuasive. However, a new ground of rejection is made. 

Rejections 

3. The text of those sections of Title 35, U.S. Code that are not included in this 
rejection can be found in a prior Office action. 

Claim Rejections - 35 USC § 103 

4. Claims 1-6, 8-16, 19, 21, 23, 24, and 26 are rejected under 35 U.S.C. 103(a) as
being unpatentable over Abraham et al. (U.S. Patent No. 5,446,903) in view of Beobert 
et al. (U.S. Patent No. 6,772,332). 

Regarding claims 1 and 13, Abraham et al. teaches a process/computer-readable
medium for protecting a computer from hostile code, the process comprising:
• Defining at least two trust groups, each of the defined trust groups being 
characterized by a trust group value (fig. 4, SECCATXX represents trust group 
values); 
• Assigning objects and processes in the computer to one of said trust groups (fig.
4, SECCATXX and col. 11, lines 44-50); 

• Defining an action rule for each combination of process trust group value, object 
trust group value, and object type (fig. 8); and

• Upon an access request by a requesting process to a target object, performing 
the action indicated by the action rule applicable to the trust group value of the 
requesting process, the trust group value of the target object, and the object type 
(fig. 15, ref. num 155). 

Abraham et al. does not teach defining at least two object types or assigning an 
object type to each of the objects, nor does Abraham et al. specifically teach the 
assigning is done irrespective of the rights of a user of said computer. 

Beobert et al. teaches defining at least two object types (col. 11, lines 37-41) and
assigning an object type to each of the objects (col. 11, lines 37-41, objects are
automatically assigned an object type) and the assigning is performed irrespective of 
the rights of a user of said computer (fig. 6-9). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine defining multiple object types and assigning an object 
type to each object, as taught by Beobert et al., with the process/medium of Abraham et
al. It would have been obvious for such modifications because differentiating data
based on object type provides further security of the data (see col. 11, lines 37-41 of
Beobert et al.).

Regarding claim 2, Abraham et al. as modified by Beobert et al. teaches wherein
a process is assigned upon creation to the trust group assigned to the passive code 
from which the process is created (see fig. 15, ref. num 159, inheritance of Abraham et 
al.). 

Regarding claim 3, Abraham et al. as modified by Beobert et al. teaches further
comprising changing the trust group of the process if the trust group value of the 
process is greater than the trust group value of the object (see fig. 12B, ref. num 
116/117 of Abraham et al.). 

Regarding claim 4, Abraham et al. as modified by Beobert et al. teaches further
comprising changing the trust group of said object after performing said action (see fig. 
13, ref. num 134 of Abraham et al.). 

Regarding claim 5, Abraham et al. as modified by Beobert et al. teaches further
comprising, upon creation of an object by a process, assigning said created object to
the trust group of said process (see fig. 15, ref. num 159, inheritance of Abraham et al.).

Regarding claim 6, Abraham et al. as modified by Beobert et al. teaches further
comprising defining at least two operation types and wherein said combination includes
at least one of said operation types (see fig. 12B, ref. num 117 of Abraham et al.).

Regarding claim 8, Abraham et al. as modified by Beobert et al. teaches further
comprising assigning said process to the trust group of said object if the trust group of 
said process is higher than the trust group of said object (see fig. 12B, ref. num 117, 
user can promote EC1 of Abraham et al.). 

Regarding claim 9, Abraham et al. as modified by Beobert et al. teaches wherein
upon a restart of said process, the trust group of said process reverts to the original
trust group of the object from which the process was created (see col. 11, lines 49-50 of
Abraham et al.).

Regarding claim 10, Abraham et al. as modified by Beobert et al. teaches further
comprising: defining at least two process types; assigning processes to one of said 
process types; and wherein said combination includes at least one of said process 
types (see fig. 6, TURBXX and CARBXX of Abraham et al.). 

Regarding claims 11 and 16, Abraham et al. as modified by Beobert et al.
teaches wherein said object types comprise passive code and executable code (see
col. 11, lines 37-41 of Beobert et al.).

Regarding claims 12 and 15, Abraham et al. as modified by Beobert et al.
teaches wherein said operation types comprise open, read, create, modify, and delete
(see fig. 12B, ref. num 117 of Abraham et al.).

Regarding claim 14, Abraham et al. as modified by Beobert et al. teaches further
comprising instructions causing the computer to: define a table of types of at least two 
types of objects, the objects in the computer being assigned one type; and wherein said 
plurality of rules defines said actions further based on the type of said object (see col. 
11, lines 37-41 of Beobert et al. and fig. 8 of Abraham et al.).

Regarding claims 19 and 21, Abraham et al. as modified by Beobert et al.
teaches wherein the computer is operatively coupled to a network, the network including
a server, the table of trust groups/rules is stored in said server (see abstract of Beobert
et al.).

Regarding claim 23, Abraham et al. teaches a computer comprising:

• A random access memory (fig. 1, ref. num 18); 

• A non-volatile memory (fig. 1, ref. num 23);

• A processor coupled to said RAM and said non-volatile memory (fig. 1, ref. num
17); 

• Wherein said non-volatile memory comprises: 

o A list of rules, each rule defining an action based on an object type (fig. 8);
o A list of object trust groups, each trust group defining an object trust value
and coupled to at least one of said rules (fig. 4, SECCATXX represents 
trust group values); and 
• Wherein when a process is created in said RAM from an originating object of one 
of said objects, said processor assigns to said process a process trust value 
equal to the object trust value of said originating object (fig. 15, ref. num 159, 
inheritance). 

Abraham et al. does not teach a list of object types or a plurality of objects, each 
of said objects having an object type and assigned to one of said trust groups. 

Beobert et al. teaches a list of object types (col. 11, lines 37-41) and a plurality of
objects, each of said objects having an object type and assigned to one of said trust
groups (col. 7, lines 37-41).

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine a list of object types and a plurality of objects each 
being assigned to an object type, as taught by Beobert et al., with the computer of
Abraham et al. It would have been obvious for such modifications because 
differentiating data based on object type provides further security of the data (see col. 
11, lines 37-41 of Beobert et al.).

Regarding claim 24, Abraham et al. as modified by Beobert et al. teaches further
comprising a controller receiving operation requests from said process to be performed
on a target object of one of said objects and, upon receiving said requests said
controller access said list of object trust groups, list of rules, and list of object type to
determine whether to allow the operation (see fig. 15, ref. num 153-155 of Abraham et
al.). 

Regarding claim 26, Abraham et al. as modified by Beobert et al. teaches
wherein the controller allows the operation request but the process trust value is lower 
than the target object trust value, said processor resets the process trust value equal to 
that of the target object trust value (see fig. 15, ref. num 159 of Abraham et al.). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Hoffman whose telephone number is 571- 
272-3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for
published applications may be obtained from either Private PAIR or Public PAIR.
Status information for unpublished applications is available through Private PAIR only.
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should
Business Center (EBC) at 866-217-9197 (toll-free).